That’s a very sane stance. Treating LLM output as untrusted input is probably the correct default when correctness matters.
The worst failures I’ve seen happen when teams half-trust the model: confident enough to automate, but not confident enough to skip heavy guardrails. Putting the checks outside the model keeps the system understandable and deterministic.
Ignoring AI unless it can be safely boxed isn’t anti-AI — it’s good engineering.
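To make "checks outside the model" concrete, here's a minimal sketch of the untrusted-input pattern in Python. Everything here is illustrative: the action names, field shapes, and the idea that the model returns JSON are assumptions, not any particular product's API. The point is that the validator, not the model, decides what's allowed.

```python
import json

# Hypothetical allowlist: the only actions the system will ever execute,
# regardless of what the model says.
ALLOWED_ACTIONS = {"refund", "escalate", "ignore"}

def validate_llm_output(raw: str) -> dict:
    """Treat model output as untrusted: parse it, then check every field
    against explicit rules before anything downstream runs."""
    data = json.loads(raw)  # raises ValueError on malformed output
    if data.get("action") not in ALLOWED_ACTIONS:
        raise ValueError(f"action not allowed: {data.get('action')!r}")
    amount = data.get("amount")
    if not isinstance(amount, (int, float)) or amount < 0:
        raise ValueError("amount must be a non-negative number")
    return data

# Output that passes the checks flows through unchanged:
print(validate_llm_output('{"action": "refund", "amount": 12.5}'))
# → {'action': 'refund', 'amount': 12.5}
```

Because the model sits entirely upstream of this function, the failure modes are the validator's (deterministic, testable), not the model's.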
That framing resonates a lot. In production, creativity is often just unbounded variance.
Once each step is intentionally boring and constrained, failures become predictable and debuggable — which is what engineering actually optimizes for. That tradeoff is almost always worth it.
I’m building Verdic Guard (verdic.dev) around the same idea: treat LLMs as creative generators, but enforce scope and correctness outside the model so systems stay calm under load.